InfoSec News Nuggets 07/25/2023
Novel Open Source Supply Chain Attacks Target Banking Sector Application security provider Checkmarx has identified what it described as the first open source software supply chain attacks targeting the banking sector. In a recent report, Checkmarx researchers analyzed two distinct, sophisticated supply chain attacks relying on open source toolsets. Both attacks’ targets were banks. The first attack started in February 2023, when a threat actor uploaded a package to NPM, the world’s largest software registry. This package contained a payload designed to latch…